Method for secure communication
Abstract
A method for the secure communication of messages. A first party is provided with a set of numbers that have the property that when encrypted using an RSA encryption key the resulting set of encrypted numbers is of an order substantially smaller than that of the original set. If the encryption key and the original set of numbers are of the order of 200 decimal digits then the resulting set of encrypted numbers may be of the order of 15-30 decimal digits. To communicate a message the first party selects a number from the original set and applies a hashing function to the selected number to obtain a 64 binary bit DES key. The selected number is then encrypted with the RSA key and a message is encrypted with the DES key obtained. The encrypted message and the encrypted selected number are combined and the combined message is sent to a second party who has the corresponding RSA decryption key and knows the hashing function. The second party then decrypts the number, applies the hashing function to obtain the DES key and decrypts the message. Thus the parties may communicate with substantially the security of RSA while significantly reducing the minimum message length which may be securely encrypted.
Claims
exact text as granted — not AI-modifiedI claim:
1. A method for secure communications comprising the steps of: a) providing a first party with: a1) a key E s , said key E s being one key of an encryption/decryption key pair E s ,D s , said key pair E s ,D s , comprising keys E s and D s of a first order selected to provide a predetermined level of security; a2) a set of numbers {a'}, said numbers a' having the property that when encrypted with said key E s values E s [a'] of a second order substantially less than said first order are obtained; and a3) a hashing function H for mapping said numbers a' onto numbers of a third, smaller order; b) providing a second party with said key D s and said hashing function H, said second party keeping said key D s in secret; c) said first party communicating a message M1 by the steps of: c1) selecting a number a' from said set {a'}; c2) encrypting said selected number a' with said key E s to obtain a particular value E s [a']; c3) operating on said selected number a' with said hashing function H to obtain a single key encryption key K i , K i being equal to H(a'); c4) encrypting a message M1 with said key K i ; c5) forming a second level message M2 including said encrypted message K i [M1] and said particular value E s [a'], and sending said second level message to said second party; and d) said second party receiving said second level message and: d1) recovering said particular value E s [a'] from said second level message M2; d2) decrypting said particular value E s [a'] to obtain said selected number a' d3) operating on said selected number a' with said hashing function H to obtain said key K i equal to H(a'); d4) recovering said encrypted message K i [M1] from said second level message M2; and d5) decrypting said encrypted message K i [M1] with said key K i to obtain said message M1 equal to K i [K i [M1]].
2. A method as described in claim 1 wherein said encryption in step (4) is DES encryption.
3. A method as described in claim 2 wherein said numbers a' share a recognizable property.
4. A method as described in claim 3 wherein said first party keeps said key E s in secret.
5. A method as described in claim 2 wherein said first party keeps said key E s in secret.
6. A method as described in claim 1 wherein said numbers a' share a recognizable property.
7. A method as described in claim 6 wherein said first party keeps said key E s in secret.
8. A method as described in claim 1 wherein said first party keeps said key E s in secret.
9. A method as described in claim 1 wherein said second party is provided with a second set of numbers {a"}, said numbers having the property that when encrypted with said key D s values D s [a"] of a fourth order substantially less than said first order are obtained comprising the further steps of: a) said second party communicating a message M1' by the steps of: a1) selecting a number a" from said set {a"}; a2) encrypting said selected number a" with said key D s to obtain a particular value D s [a"] a3) operating on said selected number a" with said hashing function H to obtain a single key encryption key K j , K j being equal to H{a"}; a4) encrypting as message M1' with said key K j ; a5) forming a second level message M2' including said encrypted message K j [M1] and said particular value D s [a"], and sending said second level message M2 to said first party; and b) said first party receiving said second level message and: b1) recovering said particular value D s [a"] from said second level message M2'; b2) decrypting said particular value D s [a"] to obtain said selected number a"; b3) operating on said selected number a" with said hashing function H to obtain said key K j equal to H(a"); b4) recovering said encrypted message K j [M1'] from said second level message M2'; and b5) decrypting said encrypted message K j [ml"] with said key K j to obtain said message M1' equal to K j [k j [M1']].
10. A system for transmitting secure communications, comprising: a) first means for storing a key E s , said key E s being on of an encryption/decryption key pair E s ,D s , said key pair comprising keys E s and D s of a first order selected to provide a predetermined level of security; b) second means for storing: b1) a set of numbers (a'), said numbers a' having the property that when encrypted with said key E s values E s [a'] of s second order substantially less than said first order are obtained; and b2) a hashing function H for mapping said numbers a' onto numbers of a third smaller order; c) data processing means responsive to said first and second storing means for: c1) selecting a number a' from said set (a'); c2) encrypting said selected number a' with said key E s to obtain a particular value E s [a']; c3) operating on said selected number a' with said hashing function H to obtain a single key encryption key K j , K j being equal to H(a'); c4) encrypting a message M1 with said key K j ; c5) forming a second level message M2 including said encrypted first level message K j [M1] and said particular value E s [a']; and, d) transmission means responsive to said data processing means for sending said second level message M2.
11. A system as described in claim 10 wherein said first storing means is secure against access by unauthorized parties to said key E s .
12. A system for receiving secure communications, comprising: a) secure first means for storing a key D s said key D s being one of an encryption/decryption key pair E s , D s , said key pair comprising keys E s and D s of a first order selected to provide a predetermined level of security; b) second means for storing: a hashing function H for mapping numbers [a'] of a set {a'}, said numbers a' having the property that when encrypted with said key E s values E s [a'] of a second order substantially less than said first order are obtained, onto numbers of a third, smaller order c) receiving means for receiving messages; and, d) data processing means responsive to said first and second storing means and said receiving means for: d1) receiving a second level message M2, and recovering an encrypted message K j [M1] and a particular value E s [a'] from said second level message M2; d2) decrypting said particular value E s [a'] to obtain a selected number a': d3) operating on said selected number a' with said hashing function H to obtain a key K j ; d4) decrypting said encrypted message K j [M1] with said key K j to obtain said message M1 equal to K j [K j [M1]].Cited by (0)
No later patents cite this yet.
References (0)
No backward citations on record.